Microgateway OAuth & Apikey plugin Query

sidd-harth
Participant V

Hi guys, I have few queries on OAuth & Apikey in MG,

1. After passing the OAuth Header in cURL I am getting 403 Forbidden

curl -i -H "Authorization: Bearer JWT" http://localhost:8000/hello/echo

HTTP/1.1 403 Forbidden
content-type: application/json
Date: Thu, 15 Jun 2017 06:44:15 GMT
Connection: keep-alive
Content-Length: 25


{"error":"access_denied"}

2. I re-generated the access_token(JWT),

curl -i -H "Authorization: Bearer newJWT" http://localhost:8000/hello/echo

HTTP/1.1 401 Unauthorized
content-type: application/json
Date: Thu, 15 Jun 2017 07:51:54 GMT
Connection: keep-alive
Content-Length: 25


{"error":"invalid_token"}

2. In the doc for implementing OAuth & Api we are adding same oauth plugin is to the plugins:sequence element. So by doing this when I call,

curl -i http://localhost:8000/hello/echo -H 'x-api-key: apikey12345'

HTTP/1.1 401 Unauthorized
content-type: application/json
Date: Thu, 15 Jun 2017 07:38:21 GMT
Connection: keep-alive
Content-Length: 84


{"error":"invalid_token"}

I am using the correct consumer key from App and have also added MG auth & hello proxies to a product. Am I missing something?

Without the oauth sequence I get 200OK and spike arrest plugin sequence works normally.

@Srinandan Sridhar

Primary use cases of MG
..
..
Continue processing messages if internet connection is temporarily lost.

Can someone explain about this?

Solved Solved
0 1 441
1 ACCEPTED SOLUTION

Former Community Member
Not applicable

@Barahalikar Siddharth

Item #1: The very likely cause for this failure is an incorrectly created API Product. A microgateway API Product must have:

  1. edgemicro_* proxy
  2. edgemicro-auth proxy
  3. If you are adding resource paths, then be sure to include /** (for sub resources) and / (to access the base path itself).

Item #2: The invalid_token message appears when the JWT token is badly formatted.

Item #3: In this case, it appears the API Key was invalid.

Microgateway is designed to continue processing API traffic even if it looses connection to Apigee Edge (hosted on cloud or on prem).

View solution in original post

1 REPLY 1

Former Community Member
Not applicable

@Barahalikar Siddharth

Item #1: The very likely cause for this failure is an incorrectly created API Product. A microgateway API Product must have:

  1. edgemicro_* proxy
  2. edgemicro-auth proxy
  3. If you are adding resource paths, then be sure to include /** (for sub resources) and / (to access the base path itself).

Item #2: The invalid_token message appears when the JWT token is badly formatted.

Item #3: In this case, it appears the API Key was invalid.

Microgateway is designed to continue processing API traffic even if it looses connection to Apigee Edge (hosted on cloud or on prem).